Route Origin Authorization 

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/L7DmRb5kBBAAAPaeQ8cUyUojEac.roa
File:                     L7DmRb5kBBAAAPaeQ8cUyUojEac.roa (raw, json)
Hash identifier:          aRhoGbsSJ0HxNz87vfoH4JVBJuJSEN/wSf+wUcbel0I=
Subject key identifier:   2F:B0:E6:45:BE:64:04:10:00:00:F6:9E:43:C7:14:C9:4A:23:11:A7
Certificate issuer:       /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial:       018CCA2BBC4F313597C166F059E5705B374C
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/L7DmRb5kBBAAAPaeQ8cUyUojEac.roa
Signing time:             Tue 02 Jan 2024 12:35:13 +0000
ROA not before:           Tue 02 Jan 2024 12:35:13 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     197142
IP address blocks:        213.189.42.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 12:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:ca:2b:bc:4f:31:35:97:c1:66:f0:59:e5:70:5b:37:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
        Validity
            Not Before: Jan  2 12:35:13 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=2fb0e645be6404100000f69e43c714c94a2311a7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:ec:97:2a:a9:2f:9e:4b:83:75:80:1f:e1:e9:
                    28:a8:d0:fa:e6:1b:21:e5:7f:dc:da:c6:10:fc:b7:
                    a8:26:36:de:5c:5c:64:3b:80:85:85:59:78:0b:be:
                    49:27:02:2e:13:32:7d:62:33:d3:b8:76:21:4e:a1:
                    2f:c8:ca:b2:74:27:f4:5f:2d:b0:82:a6:e4:9f:b2:
                    60:7d:82:35:a0:b0:c8:93:5d:d7:09:66:b5:6d:7a:
                    cb:0a:94:28:7c:67:38:00:83:91:12:a2:f2:31:f1:
                    43:54:2e:6e:2f:3c:41:4e:5e:c6:1d:d4:47:61:9e:
                    4a:7e:9e:7f:34:3f:ed:06:ea:e3:91:bb:3f:74:6f:
                    b0:b1:cd:b3:a9:44:3f:e5:f1:04:94:6e:a0:7e:83:
                    3c:66:3a:c5:22:0a:db:65:ad:7f:d6:42:d6:20:ff:
                    38:32:04:b0:f0:64:a5:aa:f6:a0:b7:45:7f:44:e0:
                    fd:71:bc:c3:66:2d:9c:0d:f7:84:0b:d5:d1:f9:3f:
                    c9:a9:9c:a8:2d:9f:88:54:96:06:9b:ff:ca:6d:8c:
                    16:9b:0b:f0:16:ac:ea:b7:f6:b9:b6:de:e2:ae:7b:
                    8b:ed:ba:e1:1c:78:e8:06:91:25:80:c7:f3:43:c6:
                    03:7c:86:f9:10:fd:26:66:bd:f0:15:6c:31:02:b3:
                    88:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:B0:E6:45:BE:64:04:10:00:00:F6:9E:43:C7:14:C9:4A:23:11:A7
            X509v3 Authority Key Identifier:
                keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/L7DmRb5kBBAAAPaeQ8cUyUojEac.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  213.189.42.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:c0:38:22:b1:93:5b:e2:75:14:e2:e6:c6:f3:76:c8:a2:04:
         e6:ae:ed:53:20:91:d6:32:c3:6b:d2:92:e3:19:f4:d9:bc:fa:
         74:3b:41:84:f1:4d:77:2d:11:ff:33:99:86:ea:79:71:ab:b2:
         94:f7:a6:0b:e9:8e:4b:91:4d:78:43:5a:72:2e:4d:99:37:24:
         56:21:1d:60:84:a6:71:8a:38:5a:6a:54:24:d7:6a:44:b6:e7:
         04:3c:40:78:0e:c1:48:e5:62:e0:aa:9b:9f:15:d4:6a:b8:cb:
         6a:2c:64:e9:35:fa:b7:fb:a6:4f:28:38:69:6e:56:f9:3d:a4:
         f3:ce:c9:f6:9d:3f:f1:91:42:a6:57:f9:f8:c5:e1:2c:ee:92:
         a9:45:8c:d4:cb:0e:e8:19:0e:b9:8d:11:3a:15:1c:85:4d:74:
         fc:e0:06:27:09:b7:29:4a:91:db:80:75:84:2c:8b:5c:5d:9e:
         07:5f:81:df:58:12:e4:7a:6a:ec:ed:67:b3:3b:ad:67:c1:72:
         0b:22:3e:47:b3:37:0a:cd:2a:41:d9:c0:fe:f0:30:33:66:ed:
         38:da:51:25:db:e8:b9:f8:be:ed:a6:dc:89:33:70:78:24:bc:
         4c:04:e1:e7:50:53:72:b9:42:44:00:2b:9b:e2:58:c8:0d:1d:
         f9:a9:74:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKK7xPMTWXwWbwWeVwWzdMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjQwMTAyMTIzNTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmIwZTY0NWJlNjQwNDEwMDAwMGY2OWU0M2M3MTRjOTRhMjMxMWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuyXKqkvnkuDdYAf4ekoqND65hsh
5X/c2sYQ/LeoJjbeXFxkO4CFhVl4C75JJwIuEzJ9YjPTuHYhTqEvyMqydCf0Xy2w
gqbkn7JgfYI1oLDIk13XCWa1bXrLCpQofGc4AIOREqLyMfFDVC5uLzxBTl7GHdRH
YZ5Kfp5/ND/tBurjkbs/dG+wsc2zqUQ/5fEElG6gfoM8ZjrFIgrbZa1/1kLWIP84
MgSw8GSlqvagt0V/ROD9cbzDZi2cDfeEC9XR+T/JqZyoLZ+IVJYGm//KbYwWmwvw
Fqzqt/a5tt7irnuL7brhHHjoBpElgMfzQ8YDfIb5EP0mZr3wFWwxArOIqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC+w5kW+ZAQQAAD2nkPHFMlKIxGnMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvTDdEbVJiNWtCQkFBQVBhZVE4Y1V5VW9qRWFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1b0qMA0G
CSqGSIb3DQEBCwUAA4IBAQBpwDgisZNb4nUU4ubG83bIogTmru1TIJHWMsNr0pLj
GfTZvPp0O0GE8U13LRH/M5mG6nlxq7KU96YL6Y5LkU14Q1pyLk2ZNyRWIR1ghKZx
ijhaalQk12pEtucEPEB4DsFI5WLgqpufFdRquMtqLGTpNfq3+6ZPKDhpblb5PaTz
zsn2nT/xkUKmV/n4xeEs7pKpRYzUyw7oGQ65jRE6FRyFTXT84AYnCbcpSpHbgHWE
LItcXZ4HX4HfWBLkemrs7WezO61nwXILIj5HszcKzSpB2cD+8DAzZu042lEl2+i5
+L7tptyJM3B4JLxMBOHnUFNyuUJEACub4ljIDR35qXSc
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:01:11 2024 by rpki-client on console-ams.rpki-client.org